Modernizing AppSec – Melinda Marks – ASW #307
In this week's interview, Melinda Marks' joins us to discuss her latest research. Her recent report Modernizing Application Security to Scale for Cloud-Native Development delves into many aspects and trends affecting AppSec as it matures, particularly in cloud-first organizations.
We also discuss the fuzzy line between "cloud-native" AppSec and everything else that refuses to disappear, particularly for organizations that weren't born cloud-native and still have legacy workloads to worry about.
Integrating security into the SDLC and CI/CD pipelines, infrastructure as code (IaC) trends, best of breed vs platform, and other aspects of AppSec get discussed as well!
Guest
Melinda Marks is the cybersecurity practice director at Enterprise Strategy Group, a leading IT analyst, strategy, and research firm, where she leads the cybersecurity analyst team and drives new research to provide insight on key cybersecurity topics and trends. Her coverage area includes cloud-native application protection platforms, cloud workload protection, cloud security posture management, DevSecOps, and application security, including web application security testing (SAST, DAST, IAST, SCA) and API security. She has over 20 years of experience in tech marketing and strategy. Most recently, she was chief marketing and strategy officer for Soluble, a startup focused on automating application security testing for developers (acquired by Lacework). She was also VP of Marketing at Armorblox, VP of Marketing at Styra, and head of marketing for StackRox (acquired by Red Hat). Her experience includes running competitive/market intelligence and product marketing teams at Tenable and running global communications for four years at Qualys. She also has a background in infrastructure from working at VMware, where she ran their original customer reference program, and later ran US PR.
Hosts
